fix: Refactor to use interactivebrowser login
This commit is contained in:
parent
4f441fa6b4
commit
580f64b7f2
@ -2,22 +2,21 @@ package graphhelper
|
||||
|
||||
import (
|
||||
"context"
|
||||
"fmt"
|
||||
"os"
|
||||
"strings"
|
||||
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azcore/policy"
|
||||
"github.com/Azure/azure-sdk-for-go/sdk/azidentity"
|
||||
auth "github.com/microsoft/kiota-authentication-azure-go"
|
||||
msgraphsdk "github.com/microsoftgraph/msgraph-sdk-go"
|
||||
// "github.com/microsoftgraph/msgraph-sdk-go/models"
|
||||
// "github.com/microsoftgraph/msgraph-sdk-go/users"
|
||||
"github.com/microsoftgraph/msgraph-sdk-go/models"
|
||||
"github.com/microsoftgraph/msgraph-sdk-go/users"
|
||||
)
|
||||
|
||||
type GraphHelper struct {
|
||||
deviceCodeCredential *azidentity.DeviceCodeCredential
|
||||
userClient *msgraphsdk.GraphServiceClient
|
||||
graphUserScopes []string
|
||||
// deviceCodeCredential *azidentity.DeviceCodeCredential
|
||||
InteractiveBrowserCredential *azidentity.InteractiveBrowserCredential
|
||||
userClient *msgraphsdk.GraphServiceClient
|
||||
graphUserScopes []string
|
||||
}
|
||||
|
||||
func NewGraphHelper() *GraphHelper {
|
||||
@ -26,25 +25,30 @@ func NewGraphHelper() *GraphHelper {
|
||||
}
|
||||
|
||||
func (g *GraphHelper) InitializeGraphForUserAuth() error {
|
||||
clientId := os.Getenv("CLIENT_ID")
|
||||
tenantId := os.Getenv("TENANT_ID")
|
||||
scopes := os.Getenv("GRAPH_USER_SCOPES")
|
||||
// clientId := os.Getenv("CLIENT_ID")
|
||||
clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
|
||||
// tenantId := os.Getenv("TENANT_ID")
|
||||
tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
|
||||
// scopes := os.Getenv("GRAPH_USER_SCOPES")
|
||||
scopes := "user.read"
|
||||
g.graphUserScopes = strings.Split(scopes, ",")
|
||||
|
||||
// Create the device code credential
|
||||
credential, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
|
||||
// credential, err := azidentity.NewDeviceCodeCredential(&azidentity.DeviceCodeCredentialOptions{
|
||||
credential, err := azidentity.NewInteractiveBrowserCredential(&azidentity.InteractiveBrowserCredentialOptions{
|
||||
ClientID: clientId,
|
||||
TenantID: tenantId,
|
||||
UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
|
||||
fmt.Println(message.Message)
|
||||
return nil
|
||||
},
|
||||
// UserPrompt: func(ctx context.Context, message azidentity.DeviceCodeMessage) error {
|
||||
// fmt.Println(message.Message)
|
||||
// return nil
|
||||
// },
|
||||
RedirectURL: "https://alias.spamasaurus.com/",
|
||||
})
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
g.deviceCodeCredential = credential
|
||||
g.InteractiveBrowserCredential = credential
|
||||
|
||||
// Create an auth provider using the credential
|
||||
authProvider, err := auth.NewAzureIdentityAuthenticationProviderWithScopes(credential, g.graphUserScopes)
|
||||
@ -66,7 +70,7 @@ func (g *GraphHelper) InitializeGraphForUserAuth() error {
|
||||
}
|
||||
|
||||
func (g *GraphHelper) GetUserToken() (*string, error) {
|
||||
token, err := g.deviceCodeCredential.GetToken(context.Background(), policy.TokenRequestOptions{
|
||||
token, err := g.InteractiveBrowserCredential.GetToken(context.Background(), policy.TokenRequestOptions{
|
||||
Scopes: g.graphUserScopes,
|
||||
})
|
||||
if err != nil {
|
||||
@ -75,3 +79,15 @@ func (g *GraphHelper) GetUserToken() (*string, error) {
|
||||
|
||||
return &token.Token, nil
|
||||
}
|
||||
|
||||
func (g *GraphHelper) GetUser() (models.Userable, error) {
|
||||
query := users.UserItemRequestBuilderGetQueryParameters{
|
||||
// Only request specific properties
|
||||
Select: []string{"displayName", "mail", "userPrincipalName"},
|
||||
}
|
||||
|
||||
return g.userClient.Me().Get(context.Background(),
|
||||
&users.UserItemRequestBuilderGetRequestConfiguration{
|
||||
QueryParameters: &query,
|
||||
})
|
||||
}
|
||||
|
@ -15,25 +15,35 @@ import (
|
||||
)
|
||||
|
||||
func handler(w http.ResponseWriter, r *http.Request) {
|
||||
query := r.URL.Query()
|
||||
name := query.Get("name")
|
||||
|
||||
graphHelper := graphhelper.NewGraphHelper()
|
||||
|
||||
initializeGraph(graphHelper)
|
||||
greetUser(graphHelper)
|
||||
|
||||
if name == "" {
|
||||
name = "Guest"
|
||||
user, err := graphHelper.GetUser()
|
||||
if err != nil {
|
||||
log.Panicf("Error getting user: %v\n", err)
|
||||
}
|
||||
log.Printf("Received request for %s\n", name)
|
||||
w.Write([]byte(fmt.Sprintf("Hello, %s\n", name)))
|
||||
|
||||
fmt.Printf("Hello, %s!\n", *user.GetDisplayName())
|
||||
w.Write([]byte(fmt.Sprintf("Hello, %s\n", *user.GetDisplayName())))
|
||||
|
||||
// query := r.URL.Query()
|
||||
// name := query.Get("name")
|
||||
// w.Write([]byte(fmt.Sprintf("Hello, %s\n", name)))
|
||||
}
|
||||
|
||||
func healthHandler(w http.ResponseWriter, r *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}
|
||||
|
||||
func loginHandler(w http.ResponseWriter, r *http.Request) {
|
||||
clientId := "dccb4b93-3f75-4775-a94a-da39216d7daf"
|
||||
tenantId := "ceeae22e-f163-4ac9-b7c2-45972d3aed4f"
|
||||
redirectURI := "https://alias.spamasaurus.com/"
|
||||
|
||||
http.Redirect(w, r,
|
||||
"https://login.microsoftonline.com/"+tenantId+"/oauth2/v2.0/authorize?client_id="+clientId+"&response_type=code&redirect_uri="+redirectURI+"&scope=openid profile offline_access", http.StatusMovedPermanently)
|
||||
}
|
||||
|
||||
func readinessHandler(w http.ResponseWriter, r *http.Request) {
|
||||
w.WriteHeader(http.StatusOK)
|
||||
}
|
||||
@ -44,6 +54,7 @@ func main() {
|
||||
|
||||
r.HandleFunc("/", handler)
|
||||
r.HandleFunc("/health", healthHandler)
|
||||
r.HandleFunc("/login", loginHandler)
|
||||
r.HandleFunc("/readiness", readinessHandler)
|
||||
|
||||
srv := &http.Server{
|
||||
@ -88,10 +99,6 @@ func initializeGraph(graphHelper *graphhelper.GraphHelper) {
|
||||
}
|
||||
}
|
||||
|
||||
func greetUser(graphHelper *graphhelper.GraphHelper) {
|
||||
// TODO
|
||||
}
|
||||
|
||||
func displayAccessToken(graphHelper *graphhelper.GraphHelper) {
|
||||
token, err := graphHelper.GetUserToken()
|
||||
if err != nil {
|
||||
|
Loading…
Reference in New Issue
Block a user